Notice of Pre-AIA or AIA Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Arguments
2.	Applicant's arguments filed on 4/30/2021 regarding the 101 rejection of claims 1-16 have been fully considered but they are not persuasive. 
	Applicant states in the last paragraph on page 7, “In contrast, Applicant asserts that claim 1, as amended, as a whole, is directed to improving the technical field of cryptographic signatures.” Furthermore, on pg. 8, first paragraph, Applicant alleges “The claimed invention provides several advantages. For example, in a scenario in which a first party, or client device, holds the first share of the first private key, and a second party, or server, holds the second share of the first private key and the second private key, then neither the first party or second party alone can make a valid composite signature. Furthermore, if the first party, or client device, is compromised then an attacker is unable to apply a dictionary attack without also having to compromise the second party.” Examiner respectfully disagrees.
	The term cryptographic scheme is a mathematical function that takes input data and transforms the data into another representation for authenticity of digital messages. Therefore, the term cryptographic signature is meant to represent a mathematical relationship, formula or calculation. Secondly, the claims do not cite a practical or inventive application between devices in communication that improves an application of authentication or authorization to use data. The claims state a first and second party (which can be an algorithm) receiving various types of data to manipulate/combine received data within a mathematical algorithm. This fails to further be integrated within a practical application or inventive concept. The claim, under its broadest reasonable interpretation, covers performance of the limitation in a mathematical relationship but for the recitation of generic computer components. For the reasons above, the rejection is maintained.

3.	Applicant’s arguments filed on 04/30/2021, with respect to the 102(a)(1)/(a)(2) rejection of claims 1, 2, 8-12 and 15-19 as allegedly being anticipated by U.S. Publication No. 20120198228 hereinafter Oberheide have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of amended claims.

4.	Applicant’s arguments filed on 4/30/2021, with respect to 35 U.S.C. 101 rejection of claim 16 have been fully considered and are persuasive.  The 101 rejection of claim 16 has been withdrawn. 


Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.




Step one: Are the claims at issue directed to a statutory category?
Yes. The amended claims recite a series of steps, i.e., receiving, at a computer server, a message and a first part of a first party signature, the first part of the first party signature derived from the message and a first share of a first private key; generating, at the computer server, a first party signature from the first part of the first party signature and a second share of the first private key; generating, at the computer server, a second party signature from the message and a second private key; combining, at the computer server, the first party signature and the second party signature to generate a composite cryptographic signature.

Step 2A - Prong 1: Is a Judicial Exception recited?
Yes. The claim recites the limitation of obtain a request for receiving a message and a first part of a first party signature, the first part of the first party signature derived from the message and a first share of a first private key, generating a first party signature from the first part of the first party signature. This limitation, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in a mathematical calculation or formula without any recitation of generic computer components. That is, nothing in the claim element precludes the step from practically being performed in a mathematical relationship. For example, the claim encompasses a mathematical algorithm receiving messages, signature portions, private 
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. The limitation of generating, at the computer server, a first party signature from the first part of the first party signature and a second share of the first private key, generating, at the computer server, a second party signature from the message and a second private key; combining, at the computer server, the first party signature and the second party signature to generate a composite cryptographic signature. As drafted, the limitations are a process that, under its broadest reasonable interpretation, covers performance of the limitation in mathematical algorithm besides a recitation of generic computer components. That is nothing in the claim element precludes the step from practically being performed by a mathematical algorithm. For example, the claim encompasses a mathematical algorithm receiving messages, signature portions, private key portions and creating signature. Thus, the claim recites a mathematical process.

Step 2A - Prong 2: Are the claims integrated into a practical application recited?
No. The claim recites four elements: receiving a message and a first part of a first party signature, the first part of the first party signature derived from the message and a first share of a first private key, generating a first party signature from the first part of the first party signature and a second share of the first private key, generating a second party signature from the message and a second private key, combining the first party signature and the second party signature to generate a 
The combination of these additional elements is no more than mere instructions to apply the exception using a generic computer component. Accordingly, even in combination, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claim is directed to the abstract idea.

Step 2B: Do the claims provide an inventive concept?
No. As discussed with respect to Step 2A Prong Two, the additional elements in the claim amount to no more than mere instructions to apply the exception using a generic computer component. The same analysis applies here in 2B, i.e., mere instructions to apply an exception on a generic computer cannot integrate a judicial exception into a practical application at Step 2A or provide an inventive concept in Step 2B.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 2, 8-12, 15-19 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20120198228 hereinafter Oberheide in view of U.S. Publication No. 20080069347 hereinafter Brown.

As per claim 1, Oberheide discloses:
A method for generating a composite cryptographic signature (para 0013 “As shown in FIG. 1, a first embodiment according to the system 10 and/or operating environment of the invention can include a first user device 12, a second user device 30, a remote server 20 connecting the first user device 12 and the second user device 30, and a third party 40 to which a user is attempting to authenticate himself or herself. The first embodiment of the system 10 can generally function to provide a secure and reliable means for authenticating a digital identity of the user to the third party 40 through the use of a user digital signature The first embodiment of the system 10 functions in part to separate the user's private key into at least first and second portions, each of which is authorized by the user through distinct communication channels as described in detail below.”), the method comprising:
receiving, at a computer server, a message and a first part of a first party signature, the first part of the first party signature derived from the message and a first share of a first private key (para 0018 “Accordingly, in response to a private key request from the user key module 16, the mediation module 24 preferably directs the communication module 26 to contact the second user device 30 to initiate the user challenge. As noted above, the user challenge can 
generating a first party signature from the first part of the first party signature and a second share of the first private key; generating a second party signature from the message; combining the first party signature and the second party signature to generate a composite cryptographic signature (para 0018 “In response to receipt of the server 20 portion of the digital signature, the first user device 12 preferably creates its portion of the digital signature using the first private key portion 18 and combines the respective portions of the digital signature into a full digital signature for authentication to the third party 40. Preferably, the combination of the first and second portions of the digital signature does not affect the form or content of the complete digital signature, such that it will appear to the third party 40 as if the digital signature was created in full at the first user device 12.” Para 0022 “As shown in FIG. 2, in the second embodiment of the system 10 the user's private key can be divided into at least two parts; a first portion of the private key 18 can be stored remotely at the second user device 30 and a second portion of the private key 22 can be stored Para 0023 “Alternatively, the second user device 30 can, in response to a successful user challenge, create the first portion of the digital signature using the first public key portion 18 and direct the former to the mediation module 24. In response to receipt of the first portion of the digital signature, the mediation module 24 preferably creates its portion of the digital signature using the second private key portion 22 and combines the respective portions of the digital signature into a full digital signature for transmission to the first user device 12 and eventual authentication to the third party 40. Preferably, the combination of the first and second portions of the digital signature does not affect the form or content of the 

	Oberheide does not disclose:
 generating, at a computer server, a first party signature from the first part of the first party signature and a second share of the first private key,
generating, at the computer server, a second party signature from the message and a second private key, 
combining, at the computer server, the first party signature and the second party signature 

	Brown discloses:
 generating, at a computer server, a first party signature from the first part of the first party signature and a second share of the first private key, generating, at the computer server, a second party signature from the message and a second private key, combining, at the computer server, the first party signature and the second party signature (para 0013 “In one aspect, there is provided a method for generating an aggregate digital signature comprising generating a first signature component by encrypting a first portion of data using a first encryption key; generating a first intermediate signature component from the first signature component and a second portion of data; generating a second signature component from the first intermediate signature component and a first private key; generating a third signature component by encrypting one of the first 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the secure and reliable means for authenticating a digital identity of Oberheide in view of Brown to include generating, at a computer server, a first party signature from the first part of the first party signature and a second share of the first private key, generating, at the computer server, a second party signature from the message and a second private key, and combining, at the computer server, the first party signature and the second party signature, as taught by Brown.
The motivation would have been to allow a single device to combine signature and private key data to protect the exposure of the input information.

As per claim 2, Oberheide in view of Brown discloses:
The method according to claim 1, wherein the first private key and a public key are a first key pair, and wherein the second private key and the public key form a second key pair (Oberheide para 0003, 0018, and 0023).

As per claim 8, Oberheide in view of Brown discloses:
The method according to claim 2, further comprising:
verifying the origin of the first part of the first party signature using the public key and the message (Oberheide para 0021 and 0028).

As per claim 9, Oberheide in view of Brown discloses:
The method according to claim 8, wherein receiving a message and a first part of the first party signature comprises receiving a signing request (Oberheide para 0016 “Example user challenges can include one or more of SMS or MMS messages, emails, voice telephone calls, automated telephone calls, PIN requests, push notifications, one-time passwords, and the like.”, which can include a signing request)
comprising the message and the first part of the first party signature, and wherein verifying the origin of the first part of the first party signature comprises checking that the signing request further comprises information relating to one or more previous communications from the same origin (Oberheide para 0017, 0018, 0031 and 0035).

As per claim 10, Oberheide in view of Brown discloses:
The method according to any preceding claim 1, further comprising: transmitting the composite cryptographic signature (Oberheide para 0018 and 0023).

As per claim 11, Oberheide in view of Brown discloses:
The method according to any preceding claim 1, wherein receiving a message and a first part of a first party signature comprises receiving a message and a first part of a first party signature from a client device (para 0022, 0028, 0039, and 0040).

As per claim 12, Oberheide in view of Brown discloses:
The method according to any preceding claim 1, wherein receiving a message and a first part of a first party signature comprises receiving a message and a first part of a first party signature over a secure channel (Oberheide para 0014).

As per claim 15, the implementation of the method of claim 1 will execute the apparatus of claim 15. The claim is analyzed with respect to claim 1.

As per claim 16, Oberheide in view of Brown discloses:
A non-transitory computer readable medium having computer-executable instructions to cause a computer to perform a method according to claim 1 (Oberheide para 0016 and 0044).

As per claim 17, Oberheide in view of Brown discloses:
The method for generating a composite cryptographic signature (para 0013 “As shown in FIG. 1, a first embodiment according to the system 10 
at a first device: generating a first part of a first party signature from a message and a first share of a first private key (Oberheide para 0016 “Example user challenges can include one or more of SMS or MMS messages, emails, voice telephone calls, automated telephone calls, PIN requests, push notifications, one-time passwords, and the like.” para 0035 “Alternatively, the first user device can be configured to create only a first portion of the digital signature from the locally stored first portion of the private key and receive the second portion of the digital signature from one of the server or the second user device.”);
at the second device: generating a first party signature from the first part of the first party signature and a second share of the first private key (Oberheide para 0018 “In response to a successful completion of the user challenge, the mediation module 24 preferably creates half of the digital signature (i.e., the Para 0023 “In response to receipt of the first portion of the digital signature, the mediation module 24 preferably creates its portion of the digital signature using the second private key portion 22 and combines the respective portions of the digital signature into a full digital signature for transmission to the first user device 12 and eventual authentication to the third party 40.” para 0031 “Alternatively, the first user device can be configured to create only a first portion of the digital signature from the locally stored first portion of the private key and receive the second portion of the digital signature from one of the server or the second user device.”);
generating a second party signature from the message and a second private key and combining the first party signature and the second party signature to form a composite cryptographic signature (Oberheide para 0035 “The first user device can further be configured to create the digital signature in response to receiving one or more of the first and second portions of the private key (the first portion of the private key might be locally stored, as noted above, and the second portion of the private key can be received in an encrypted state and decrypted by the first user device). Alternatively, the first user device can be configured to create only a first portion of the digital signature from the locally stored first portion of the private key and receive the second portion of the digital signature from one of the server or the second user device. In such a case, the first user device can be further configured to combine the first 

As per claim 18, Oberheide in view of Brown discloses:
The method according to claim 17, further comprising: at the second device, communicating the composite cryptographic signature and a composite public key to the client device; and at the first device, verifying the composite cryptographic signature using the message and the composite public key (Oberheide Fig. 5, para 0021, 0028, and 0035).

As per claim 19, Oberheide in view of Brown discloses:
A system for generating a composite cryptographic signature, the system comprising a first device and a second device, wherein the first device and the second device each comprise a processor and at least one memory, and wherein the at least one memory of the first device and the at least one memory of the second device each store computer-executable instructions which, when executed by the processors of the first device and the second device respectively, cause the first device and the second device to perform a method according to claim 17 (Oberheide Figs. 1 and 2, para 0044).

7. 	Claims 3-6 are rejected under 35 U.S.C. 103 as being unpatentable over Oberheide in view of Brown and further in view of U.S. Publication No. 20110264917 hereinafter Barthelemy.

As per claim 3, Oberheide in view of Brown discloses:
The method according to claim 2, wherein the first private key (Oberheide para 0018)

Oberheide in view of Brown does not disclose:
first private key comprises a first private modulus and a first private exponent; and wherein the second private key comprises a second private modulus and a second private exponent; and wherein the public key comprises a public exponent.

Barthelemy discloses:
first private key comprises a first private modulus and a first private exponent; and wherein the second private key comprises a second private modulus and a second private exponent; and wherein the public key comprises a public exponent (para 0038-0039 “The subject of the invention is a method of digital signature of a message M by a signatory having an identity I and making use of a signature device, said method using a public-key cryptography scheme and being characterized in that the signatory makes use of a public key K_p and of two private keys K_s and K_c, the second private key K_c being deposited with a trusted third party, and in that it comprises, for each signature operation, two complementary steps, each carried out with a distinct private key, namely: the calculation by the signatory of a pre-para 0146 “(33) The device of the signatory uses a public exponent e agreed in advance (the values 3 or 65537 are commonly used). It randomly draws a private exponent d_1 of an agreed length and such that gcd(d_1, φ(n)) = 1 (where "gcd" denotes the "greatest common divisor" function). Finally, it calculates the exponent d_2 as the inverse modulo φ(n) of the product of e times d_1, i.e. such that: e·d_1·d_2 = 1 mod φ(n). The exponent d_s of the signatory is one of the exponents d_1 or d_2, while the exponent d_c of the server of the trusted third party is the other exponent, d_2 or d_1 respectively. The choice of d_1 or d_2 as private exponent of the signatory has no impact on security but makes it possible to shift the calculational burden during signature onto the signatory or the server of the trusted third party, depending on requirements. 
The public key is the pair (n, e), the private key of the signatory is (n, d_s) and the private key of the server of the trusted third party is (n, d_c).” Para 0158 and 0160 “The device of the signatory calculates the pre-signature by applying the probabilistic encoding function E_s = ES(H(M)) and then the RSA encryption function (Modular Exponentiation) to the message M: S_s = E_s^(d_s) mod n.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the secure and reliable means for authenticating a digital identity of Oberheide in 
The motivation would have been to properly protect private key of a signature.
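
The exponent split quoted from Barthelemy para 0146 and 0158-0160 above, worked through as an added illustration; it is not part of this Office action, the application, or any cited reference. Assumptions: the two small Mersenne primes are constructed demo parameters, `encode` is a plain SHA-256 reduction standing in for the probabilistic encoding ES(H(M)), and the server-side check inside `complete` is a hypothetical addition.

```python
import hashlib
import math
import secrets

# Constructed demo parameters: two Mersenne primes, far too small for real use.
P = 2**61 - 1
Q = 2**89 - 1
E = 65537  # public exponent "agreed in advance"


def keygen(p=P, q=Q, e=E):
    """Draw d_1 coprime to phi(n), then d_2 so that e*d_1*d_2 = 1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be invertible modulo phi(n)")
    while True:
        d1 = secrets.randbelow(phi - 3) + 3
        if math.gcd(d1, phi) == 1:
            break
    d2 = pow(e * d1, -1, phi)  # inverse of e*d_1 modulo phi(n), Python 3.8+
    # d_s stays with the signatory, d_c with the trusted third party's server.
    return {"n": n, "e": e, "phi": phi, "d_s": d1, "d_c": d2}


def encode(message: bytes, n: int) -> int:
    """Assumed stand-in for ES(H(M)): SHA-256 reduced mod n, no padding."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def pre_sign(message: bytes, d_s: int, n: int) -> int:
    """Signatory step: S_s = E_s^(d_s) mod n."""
    return pow(encode(message, n), d_s, n)


def verify(message: bytes, sig: int, n: int, e: int) -> bool:
    """Ordinary RSA check with the public key (n, e)."""
    return pow(sig, e, n) == encode(message, n)


def complete(message: bytes, pre_sig: int, d_c: int, n: int, e: int) -> int:
    """Server step: S = S_s^(d_c) mod n, released only if it verifies.

    The check is a hypothetical addition: it lets the server reject a
    pre-signature made over another message or with another exponent.
    """
    sig = pow(pre_sig, d_c, n)
    if not verify(message, sig, n, e):
        raise ValueError("pre-signature does not match message and key")
    return sig


if __name__ == "__main__":
    key = keygen()
    msg = b"constructed sample message"
    half = pre_sign(msg, key["d_s"], key["n"])
    full = complete(msg, half, key["d_c"], key["n"], key["e"])
    print("pre-signature alone verifies:", verify(msg, half, key["n"], key["e"]))
    print("completed signature verifies:", verify(msg, full, key["n"], key["e"]))
```

Because (E_s^(d_s))^(d_c·e) = E_s^(e·d_1·d_2) = E_s mod n, the completed value verifies under (n, e) like an ordinary RSA signature, while the output of either exponent alone does not.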

As per claim 4, Oberheide in view of Brown and Barthelemy discloses:
The method according to claim 3, wherein the first private modulus is a product of prime numbers; and the second private modulus is a product of prime numbers; and wherein each of the prime numbers is coprime to the public exponent (Barthelemy para 0144, 0145, and 0179-0182).

As per claim 5, Oberheide in view of Brown and Barthelemy discloses:
The method according to claim 3, further comprising generating a composite public modulus from the first private modulus and the second private modulus (Barthelemy para 0146 and 0160).

As per claim 6, Oberheide in view of Brown and Barthelemy discloses:
The method according to any of claim 3, wherein the first share of the first private key comprises a first additive share of the first private exponent; and wherein the second share of the first private key comprises a second additive share of the first private exponent (Oberheide para 0035) and (Barthelemy para 0114 and 0215).

8. 	Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Oberheide in view of Brown and further in view of Barthelemy, and further in view of U.S. Publication No. 20170012948 hereinafter Peeters.

As per claim 7, Oberheide in view of Brown and Barthelemy discloses:
The method according to claim 3, wherein the first share of the first private key (Oberheide para 0018 and 0035)

Oberheide in view of Brown and Barthelemy does not disclose:
a first private key comprising a first multiplicative share of the first private exponent and wherein the second share of the first private key comprises a second multiplicative share of the first private exponent

Peeters discloses:
a first private key comprising a first multiplicative share of the first private exponent and wherein the second share of the first private key comprises a second multiplicative share of the first private exponent (para 0019, 0020, 0025, and 0026)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the secure and reliable means for authenticating a digital identity of Oberheide in view of Brown and Barthelemy to include a first private key comprising a first 
The motivation would have been to protect the exposure of the private key.

9. 	Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Oberheide in view of Brown, and further in view of Barthelemy, and further in view of U.S. Publication No. 20130044882 hereinafter Rich.

As per claim 13, Oberheide in view of Brown and Barthelemy discloses:
The method according to claim 1, wherein the message (para 0016)

Oberheide in view of Brown and Barthelemy does not disclose:
wherein a message is a hashed message

Rich discloses:
wherein a message is a hashed message (para 0049 “As seen in FIG. 4, KMIP objects are varied and include Certificate (a digital certificate), Opaque Object (an object stored by a key management server, but not necessarily interpreted by it), Private Key (the private portion of an asymmetric key pair), Public Key (the public portion of an asymmetric key pair, Secret Data (a shared secret that is not a key or certificate), Split Key (a secret, usually a Also see para 0053)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the secure and reliable means for authenticating a digital identity of Oberheide in view of Brown and Barthelemy to include wherein a message is a hashed message, as taught by Rich.
The motivation would have been to provide a message to be a hashed message for integrity verification.

10. 	Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Oberheide in view of Brown, and further in view of Barthelemy, and further in view of U.S. Publication No. 20010021253 hereinafter Furuya.

As per claim 14, Oberheide in view of Brown and Barthelemy discloses:
The method according to claim 1, wherein the message (Oberheide para 0016)

Oberheide in view of Brown and Barthelemy does not disclose:
wherein a message is a padded message

Furuya discloses:
wherein a message is a padded message (para 0135 “Step 20302 (input of necessary parameters): obtains the number n of blocks making up the padded message, and the secret key K.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the secure and reliable means for authenticating a digital identity of Oberheide in view of Brown and Barthelemy to include wherein a message is a padded message, as taught by Rich.
The motivation would have been to provide a message to be a padded message for integrity verification.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192.  The examiner can normally be reached on Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/GARY S GRACIA/           Primary Examiner, Art Unit 2491